PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-35807 Siemens CVE debrief

A vulnerability in the Linux kernel's ext4 filesystem could cause data corruption during online resize operations. The issue was resolved in the upstream Linux kernel. Siemens has identified this vulnerability as affecting the GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP industrial control system. The vulnerability has a medium severity rating with a CVSS score of 5.5, requiring local access and low privileges to exploit, with a high impact on availability. No patch is currently available from Siemens; mitigations focus on restricting access to trusted personnel and ensuring only trusted applications are executed.

Vendor: Siemens
Product: SIMATIC S7-1500 TM MFP - GNU/Linux subsystem
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-04-09
Original CVE updated: 2026-05-14
Advisory published: 2024-04-09
Advisory updated: 2026-05-14

Who should care

Organizations operating Siemens SIMATIC S7-1500 TM MFP systems with the GNU/Linux subsystem enabled, particularly in industrial control and automation environments where system availability is critical. Security teams managing OT/ICS infrastructure should prioritize access controls until a patch becomes available.

Technical summary

The vulnerability exists in the ext4 filesystem implementation within the Linux kernel, specifically during online resize operations. The flaw could lead to filesystem corruption. The attack requires local access with low privileges and has no confidentiality or integrity impact, but causes high availability impact. The CVSS vector is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. Siemens has confirmed the GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP is affected, with no fix currently available as of the advisory publication.

Defensive priority

medium

Recommended defensive actions

  • Restrict interactive shell access to the GNU/Linux subsystem to trusted personnel only
  • Ensure only applications from trusted sources are built and executed on affected systems
  • Monitor for Siemens security advisories regarding patch availability
  • Apply defense-in-depth strategies for industrial control systems per CISA guidance

Evidence notes

CVE published 2024-04-09. CISA CSAF advisory ICSA-24-102-01 published same date. Siemens SSA-265688 cross-referenced. Modified 2026-05-14 per source metadata.
